Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

7

e1e5b9498c...0N.exe

windows7-x64

9

e1e5b9498c...0N.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e1e5b9498ccd970d7350bf2a19050600N.exe

  • Size

    29KB

  • Sample

    240907-dagada1dpj

  • MD5

    e1e5b9498ccd970d7350bf2a19050600

  • SHA1

    b277b801f86c21942acecc8b02f640e6ee9d2af8

  • SHA256

    5ee6d2f285765f8c82c3312129f0840cc8d8d9ba9fdddab4361d23ee69f82329

  • SHA512

    b6d19bf6d2e3d694922381c5122c97003eee584f7c300be461e0d3023a02c165329a31a0c6679db735a02512a69b6d91f69a05c011095db3a5d6ccb36ef00e6b

  • SSDEEP

    384:QOlIBXDaU7CPKK0TIhfJJ1Evd5BvhzaM9mSIEvd5BvhzaM9mSsxmMxm9+9ZJVuE:kBT37CPKKdJJ1EXBwzEXBwdcMcI9ZJR

Score
9/10
discoveryransomwareupx

Malware Config

Targets

    • Target

      e1e5b9498ccd970d7350bf2a19050600N.exe

    • Size

      29KB

    • MD5

      e1e5b9498ccd970d7350bf2a19050600

    • SHA1

      b277b801f86c21942acecc8b02f640e6ee9d2af8

    • SHA256

      5ee6d2f285765f8c82c3312129f0840cc8d8d9ba9fdddab4361d23ee69f82329

    • SHA512

      b6d19bf6d2e3d694922381c5122c97003eee584f7c300be461e0d3023a02c165329a31a0c6679db735a02512a69b6d91f69a05c011095db3a5d6ccb36ef00e6b

    • SSDEEP

      384:QOlIBXDaU7CPKK0TIhfJJ1Evd5BvhzaM9mSIEvd5BvhzaM9mSsxmMxm9+9ZJVuE:kBT37CPKKdJJ1EXBwzEXBwdcMcI9ZJR

    Score
    9/10
    discoveryransomwareupx

    • Renames multiple (468) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks